• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: GD Graphics Library Multiple Unspecified Remote Buffer overflow Vulnerabilities

Severity: CRITICAL

Description:

The GD Graphics Library (gdlib) is an open-source graphics library available for multiple platforms including Unix variants and Microsoft Windows. It is implemented in ANSI C and is designed to facilitate creation and manipulation of PNG, JPEG, and GIF image formats.

Multiple unspecified remote buffer-overflow vulnerabilities have been identified in the GD Graphics Library. The library fails to do sufficient bounds-checking before processing user-specified strings.

The problem reportedly presents itself when a malformed file is processed with the affected application. Apparently, when processing files, the affected application uses the 'gdmalloc()' function to allocate memory. This function fails to securely allocate memory, facilitating a heap-based buffer overflow.

Note that this issue may affect all applications that implement the library for graphics processing. A comprehensive list of such applications currently does not exist.

The details that are currently available surrounding this issue are insufficient to provide more in-depth technical description. This BID will be updated as more information becomes available.

Note that these issues are distinct from that reported in BID 11523 (GD Graphics Library Remote Integer Overflow Vulnerability).

An attacker may leverage these issues to remotely execute arbitrary code on a computer with the privileges of a user that views a malicious image file. This may facilitate unauthorized access or privilege escalation.

Affected Products:

• Avaya Converged Communications Server 2.0.0
• Avaya Intuity LX
• Avaya MN100
• Avaya Modular Messaging (MSS) 1.1.0
• Avaya Modular Messaging (MSS) 2.0.0
• Avaya Network Routing 0.0.0
• Avaya S8300 R2.0.0
• Avaya S8300 R2.0.1
• Avaya S8500 R2.0.0
• Avaya S8500 R2.0.1
• Avaya S8700 R2.0.0
• Avaya S8700 R2.0.1
• Avaya S8710 R2.0.0
• Avaya S8710 R2.0.1
• Debian Linux 3.0.0
• Debian Linux 3.0.0 alpha
• Debian Linux 3.0.0 arm
• Debian Linux 3.0.0 hppa
• Debian Linux 3.0.0 ia-32
• Debian Linux 3.0.0 ia-64
• Debian Linux 3.0.0 m68k
• Debian Linux 3.0.0 mips
• Debian Linux 3.0.0 mipsel
• Debian Linux 3.0.0 ppc
• Debian Linux 3.0.0 s/390
• Debian Linux 3.0.0 sparc
• GD Graphics Library gdlib 1.8.4
• GD Graphics Library gdlib 2.0.1
• GD Graphics Library gdlib 2.0.20
• GD Graphics Library gdlib 2.0.21
• GD Graphics Library gdlib 2.0.22
• GD Graphics Library gdlib 2.0.23
• GD Graphics Library gdlib 2.0.26
• GD Graphics Library gdlib 2.0.27
• GD Graphics Library gdlib 2.0.28
• GD Graphics Library gdlib 2.0.33
• MandrakeSoft Corporate Server 3.0.0
• MandrakeSoft Corporate Server 3.0.0 x86_64
• MandrakeSoft Linux Mandrake 10.2.0
• MandrakeSoft Linux Mandrake 10.2.0 x86_64
• MandrakeSoft Linux Mandrake 2006.0.0
• MandrakeSoft Linux Mandrake 2006.0.0 x86_64
• MandrakeSoft Multi Network Firewall 2.0.0
• RedHat Advanced Workstation for the Itanium Processor 2.1.0
• RedHat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• RedHat Desktop 3.0.0
• RedHat Desktop 4.0.0
• RedHat Enterprise Linux AS 2.1
• RedHat Enterprise Linux AS 2.1 IA64
• RedHat Enterprise Linux AS 3
• RedHat Enterprise Linux AS 4
• RedHat Enterprise Linux ES 2.1
• RedHat Enterprise Linux ES 2.1 IA64
• RedHat Enterprise Linux ES 3
• RedHat Enterprise Linux ES 4
• RedHat Enterprise Linux WS 2.1
• RedHat Enterprise Linux WS 2.1 IA64
• RedHat Enterprise Linux WS 3
• RedHat Enterprise Linux WS 4
• RedHat Fedora Core2
• RedHat Fedora Core3
• SGI Advanced Linux Environment 3.0.0
• SGI ProPack 3.0.0
• Trustix Secure Enterprise Linux 2.0.0
• Trustix Secure Linux 1.5.0
• Trustix Secure Linux 2.0.0
• Trustix Secure Linux 2.1.0
• Trustix Secure Linux 2.2.0
• Turbolinux Appliance Server 2.0
• Turbolinux FUJI
• Turbolinux Home
• Turbolinux Turbolinux 10 F...
• Turbolinux Turbolinux Desktop 10.0.0
• Turbolinux Turbolinux FUJI
• Turbolinux Turbolinux Server 10.0.0
• Turbolinux Turbolinux Server 10.0.0 x64
• Ubuntu Ubuntu Linux 4.1.0 ia32
• Ubuntu Ubuntu Linux 4.1.0 ia64
• Ubuntu Ubuntu Linux 4.1.0 ppc
• wvWare libwmf 0.2.8

References:

• Avaya: ASA-2005-017_RHSA-2004-638
• GD Graphics Library: gdlib Home Page
• RedHat: RHSA-2004:638-09 - Updated gd packages fix security issues
• RedHat: RHSA-2004:638-13 - Updated gd packages fix security issues
• RedHat: RHSA-2006:0194-4 - gd security update

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.